[jira] Updated: (CXF-827) SOAP Header element is returned to the client even if detached in a JAXWS Handler

Tue, 24 Jul 2007 03:22:51 -0700 

     [ 
https://issues.apache.org/jira/browse/CXF-827?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Matthias Germann updated CXF-827:
---------------------------------

    Description: 
If a JAXWS Handler detaches a SOAP Header element with the the detachNode() 
Method of the SOAPElement Class during inbound processing of a SOAP Message, 
the Header is still returned to the client in the SOAP Response.

Here is a code sample from my JAXWS Handler which detaches the Header element:

        public boolean handleMessage(SOAPMessageContext msgCtx) {
                if (isOutboundMessage(msgCtx)) {
                       return true;
                }

                try {
                        SOAPHeader header = 
msgCtx.getMessage().getSOAPPart().getEnvelope().getHeader();
                        if (header == null) {
                                return true;
                        }
        
                        List<SOAPElement> toRemove = new 
ArrayList<SOAPElement>();
                        for (Iterator iter = header.getChildElements(); 
iter.hasNext();) {
                                Object obj = iter.next();
                                if (obj instanceof SOAPElement) {
                                        SOAPElement element = (SOAPElement) obj;
        
                                        // Security Headers suchen
                                        Name name = element.getElementName();
                                        if 
(NsConstants.WSS.equals(name.getURI())
                                                        && 
HandlerConstants.WSS_SECURITY_ELEM.equals(name.getLocalName())) {
                                                log.debug("WSS Security Header 
found");
                                                toRemove.add(element);
                                        }
                                }
                        }
        
                        // Security Headers, welche erfoglreich bearbeitet 
wurden, entfernen
                        for (SOAPElement elem : toRemove) {
                                elem.detachNode();
                        }                       
                        return true;
                } catch(SOAPException e) {
                        log.error("Can't remove security header", e);
                        throw new RuntimeException("Can't remove security 
header", e);
                }
                
        }

  was:
If a JAXWS Handler detaches a SOAP Header element with the the detachNode() 
Method of the SOAPElement Class during inbound processing of a SOAP Message, 
the Header is still returned to the client in the SOAP Response.

        public boolean handleMessage(SOAPMessageContext msgCtx) {
                if (isOutboundMessage(msgCtx)) {
                       return true;
                }

                try {
                        SOAPHeader header = 
msgCtx.getMessage().getSOAPPart().getEnvelope().getHeader();
                        if (header == null) {
                                return true;
                        }
        
                        List<SOAPElement> toRemove = new 
ArrayList<SOAPElement>();
                        for (Iterator iter = header.getChildElements(); 
iter.hasNext();) {
                                Object obj = iter.next();
                                if (obj instanceof SOAPElement) {
                                        SOAPElement element = (SOAPElement) obj;
        
                                        // Security Headers suchen
                                        Name name = element.getElementName();
                                        if 
(NsConstants.WSS.equals(name.getURI())
                                                        && 
HandlerConstants.WSS_SECURITY_ELEM.equals(name.getLocalName())) {
                                                log.debug("WSS Security Header 
found");
                                                toRemove.add(element);
                                        }
                                }
                        }
        
                        // Security Headers, welche erfoglreich bearbeitet 
wurden, entfernen
                        for (SOAPElement elem : toRemove) {
                                elem.detachNode();
                        }                       
                        return true;
                } catch(SOAPException e) {
                        log.error("Can't remove security header", e);
                        throw new RuntimeException("Can't remove security 
header", e);
                }
                
        }


> SOAP Header element is returned to the client even if detached in a JAXWS 
> Handler
> ---------------------------------------------------------------------------------
>
>                 Key: CXF-827
>                 URL: https://issues.apache.org/jira/browse/CXF-827
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-WS Runtime
>    Affects Versions: 2.0
>            Reporter: Matthias Germann
>
> If a JAXWS Handler detaches a SOAP Header element with the the detachNode() 
> Method of the SOAPElement Class during inbound processing of a SOAP Message, 
> the Header is still returned to the client in the SOAP Response.
> Here is a code sample from my JAXWS Handler which detaches the Header element:
>       public boolean handleMessage(SOAPMessageContext msgCtx) {
>               if (isOutboundMessage(msgCtx)) {
>                        return true;
>                 }
>               try {
>                       SOAPHeader header = 
> msgCtx.getMessage().getSOAPPart().getEnvelope().getHeader();
>                       if (header == null) {
>                               return true;
>                       }
>       
>                       List<SOAPElement> toRemove = new 
> ArrayList<SOAPElement>();
>                       for (Iterator iter = header.getChildElements(); 
> iter.hasNext();) {
>                               Object obj = iter.next();
>                               if (obj instanceof SOAPElement) {
>                                       SOAPElement element = (SOAPElement) obj;
>       
>                                       // Security Headers suchen
>                                       Name name = element.getElementName();
>                                       if 
> (NsConstants.WSS.equals(name.getURI())
>                                                       && 
> HandlerConstants.WSS_SECURITY_ELEM.equals(name.getLocalName())) {
>                                               log.debug("WSS Security Header 
> found");
>                                               toRemove.add(element);
>                                       }
>                               }
>                       }
>       
>                       // Security Headers, welche erfoglreich bearbeitet 
> wurden, entfernen
>                       for (SOAPElement elem : toRemove) {
>                               elem.detachNode();
>                       }                       
>                       return true;
>               } catch(SOAPException e) {
>                       log.error("Can't remove security header", e);
>                       throw new RuntimeException("Can't remove security 
> header", e);
>               }
>               
>       }

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to